fee2b7f41554c458296caed3fee1c31b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fee2b7f41554c458296caed3fee1c31b_JaffaCakes118
Size

168KB
MD5

fee2b7f41554c458296caed3fee1c31b
SHA1

0b7306682631eb7371d66c0d27ead0de8969fdb3
SHA256

96377f394dc41c3d1fc18b62b7a00045658eb1498bd9fad9c7f7378ba06b1bb1
SHA512

64018e2f796d62228f8edfc451c94729faa69c1a8cbbad612e130c39e2f0c1f491d42e930af8e4f7b8dd29888cad0359630aa81f73e91c36295b63dd7e38273f
SSDEEP

3072:AIFQiNdaX14XDxGNr3R4Nysxia4SnMyhUOn1ZjhA1gvxfQ5mg7kEJgQM:A01daFQMNl4NbityH1Zj9x44ckEL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fee2b7f41554c458296caed3fee1c31b_JaffaCakes118

Files

fee2b7f41554c458296caed3fee1c31b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8382aad6437d4d7e264dd1283b77a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetFullPathNameA
GetCPInfo
GlobalFindAtomA
GetDiskFreeSpaceA
IsBadCodePtr
GetFileAttributesA
LCMapStringA
SetUnhandledExceptionFilter
GetThreadLocale
FlushFileBuffers
LCMapStringW
GetStringTypeW
IsBadReadPtr
SetFilePointer
VirtualProtect
EnumResourceNamesW
GetOEMCP
SetStdHandle
WriteFile
GetStringTypeA
GetStringTypeExA
CreateFileA
FreeEnvironmentStringsA
ReadFile
GetEnvironmentStringsW
UnhandledExceptionFilter
FindFirstFileA
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsW
MulDiv

rpcrt4

RpcStringFreeA

shlwapi

SHGetInverseCMAP
PathAppendA
PathIsFileSpecA
PathIsContentTypeA
SHCreateStreamOnFileEx
PathCreateFromUrlW

Sections

.text
Size: 84KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ